主要高危漏洞:
1、fastjson-1.2.78
报告网址:https://devhub.checkmarx.com/cve-details/CVE-2022-25845/
风险指数:9.8/10
解决方式:升级版本至1.2.83
2、spring-web:5.2.9.RELEASE
CVE-2016-1000027 9.8 Deserialization of Untrusted Data vulnerability
CVE-2021-22118 7.8 Improper Privilege Management vulnerability
3、hutool-all:4.6.1
CVE-2022-45689 7.5 Out-of-bounds Write vulnerability
CVE-2022-45690 7.5 Out-of-bounds Write vulnerability
CVE-2022-4565 7.5 Improper Resource Shutdown or Release vulnerability
CVE-2023-24163 9.8 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability
解决方式:待定
参考网址:
https://devhub.checkmarx.com/